On-line authorization in access environment

ABSTRACT

A method is disclosed. The method includes interacting with a gate access device that is capable of preventing access to a location, where the gate access device subsequently sends an authorization request message to an issuer for approval, the authorization request message including a request to charge a predetermined amount of money to pay for access to a location, and entering the location if the gate access device receives an authorization response message indicating that the charge is authorized.

CROSS-REFERENCES TO RELATED APPLICATIONS

This applications claims priority to U.S. Provisional Patent ApplicationNo. 60/984,450, filed on Nov. 1, 2007, which is herein incorporated byreference in its entirety for all purposes.

BACKGROUND

Transit fare collection has been moving toward a model to utilize thecontactless payment card exactly as issued within the transitenvironment. A contactless payment application, as defined to-date, canbe an on-line transaction requiring end-to-end authentication and issuerapproval/decline of the transaction. This type of transaction maytypically take 3 to 7 seconds to process through standard payment systemchannels. A standard payment system channel may include a merchantsystem, an acquirer, an acquirer processor, a payment processing system(e.g., VisaNet), an issuer, an issuer processor, etc. Transaction speedsof this magnitude are accepted as the norm in retail point of saleenvironments.

Some transit agencies have targeted a 300 millisecond (ms) transactiontime to meet the needs of this environment in order to process 30 to 45patrons per minute through a gate access device. Because of thesetransaction speed considerations, transit fare agencies have positionedtheir solution as an off-line transaction at the gate or farebox. Thisis due to the fact that there is no time in the transit environment togo on-line for the issuer to approve/decline the fare transaction. Atransit agency cannot wait for 3 to 7 seconds to approve a transaction.An off-line process at the gate or farebox is accomplished without fullissuer authorization.

In an “on-line” transaction, authorization is received before therelease of goods or services. In an “off-line” transaction, goods andservices may be released by a merchant or service provider prior toreceiving authorization from a payment processing organization such asVisa or the issuer.

When a transaction is performed off-line with a contactless paymentcard, there are security and other risks associated with the use of thecontactless payment application in this fashion. A list of the problemsassociated with using the contactless payment card in off-line modeinclude:

Authentication: No card/reader authentication is included in themagnetic stripe data (MSD) application, and without card authenticationthere is potential for high fraud due to the potential forcounterfeiting of cards and accounts.

Fraud and Negative List: Transactions are not approved in real time,which means that any card must be allowed to work without authorization.This would include lost/stolen, counterfeit, negative balance, and othercards with account problems. With off-line transactions, the transitagency must keep a negative list of bad account numbers that previouslyresulted in declined transactions. The negative list is the onlymechanism to deter fraud in the off-line environment. There are problemsassociated with negative lists, including the fact that the negativelist would have to grow unbounded as more contactless payment issuancetakes place. The problem is that memory space is limited in the faredevice, and the time it takes to search a negative list is prohibitive.Therefore, the list must be contained. This, in turn, means that someknown bad cards would have to be removed from the negative list to keepthe list length in check, which again opens the door to fraud.

Data Security/Storage: Protection of cardholder data (Payment CardIndustry (PCI)/Data Security Standard (DSS) Compliance—a set ofcomprehensive requirements for enhancing payment account data security)in transit fare collection systems may prove difficult. Payment trackdata including the primary account number (PAN) is the only dataavailable on a contactless payment card. Transit fare collection systemswould have to collect and store this data securely, which is notsomething transit fare collection systems do today. It is costly tobuild the systems and mechanisms such as data encryption to meetcardholder data protection standards.

Transaction Speed: On-line authorization of 3 to 7 seconds is too longat turnstiles, and is questionable on buses (target 300 ms transactiontime).

Negative balance: Because the issuer keeps track of account status andbalance on prepaid and debit card accounts, the off-line solution willnot have knowledge of account balances associated with such accounts.The only mechanism to stop the use of zero or negative balance cards isto first get a declined transaction (i.e. provide a free ride), and thento place the account on the negative list. The card may be denied accessfor subsequent uses once it is on the negative list of the transitagency.

Embodiments of the invention address the above problems, and otherproblems, individually and collectively.

SUMMARY

Embodiments of the invention are directed to methods and systems thatallow for access to a location using an on-line authorization process.

One embodiment of the invention is directed to a method. The methodincludes receiving a request for access to a location at a gate accessdevice from a user. After receiving the request for access to thelocation, an authorization request message is generated. Theauthorization request message includes a request to charge apredetermined amount of money to pay for access to the location. Theauthorization request message is then sent to an issuer for approval. Anauthorization response message is then received. The authorizationresponse message indicates whether or not the charge is authorized ornot authorized. If the authorization response message indicates that thecharge is authorized, then the user is allowed to access the location,by automatically actuating a gate device of the gate access device.

Another embodiment of the invention is directed to a gate access device.The gate access device includes a gate device, a processor and acomputer readable medium. The computer readable medium includesinstructions for receiving a request for access to a location from auser, and generating an authorization request message. The authorizationrequest message includes a request to charge a predetermined amount ofmoney. An authorization request message is sent to an issuer forapproval, and is received. The authorization response message indicateswhether or not the charge is authorized or not authorized, and if theauthorization response message indicates that the charge is authorized,then the user is allowed access to the location, by automaticallyactuating the gate device.

Another embodiment of the invention is directed to a system comprising agate access device comprising a gate device, a first processor, and afirst computer readable medium comprising instructions executable by theprocessor. The instructions include instructions for receiving a requestfor access to a location from a user, and generating an authorizationrequest message. The authorization request message includes a request tocharge a predetermined amount of money. The instructions also includeinstructions for sending the authorization request message to an issuerfor approval, and receiving an authorization response message, where theauthorization response message indicates whether or not the charge isauthorized or not authorized, and if the authorization response messageindicates that the charge is authorized, then allowing the user toaccess the location, by automatically actuating the gate device. Thesystem may also include a computer comprising a second processor and asecond computer readable medium wherein the second computer readablemedium comprises instructions for receiving the authorization requestmessage, generating the authorization response message, and then sendingthe authorization response message to the gate access device.

Another embodiment of the invention is directed to a method comprisinginteracting with a gate access device that is capable of preventingaccess to a location, where the gate access device subsequently sends anauthorization request message to an issuer for approval, theauthorization request message including a request to charge apredetermined amount of money to pay for access to a location, andentering the location if the gate access device receives anauthorization response message indicating that the charge is authorized.

Another embodiment of the invention is directed to a system comprising agate access device, a primary computer comprising a first processor anda first computer readable medium comprising instructions for processingauthorization request messages that do not originate from the gateaccess device, and a secondary computer comprising a second processorand a second computer readable medium comprising instructions forprocessing authorization request messages from the gate access device.The secondary computer is closer to the gate access device than theprimary computer.

Another embodiment of the invention is directed to a computer comprisinga processor, and a computer readable medium coupled to the processor,the computer readable medium comprising instructions for receiving, atan issuer, an authorization request message from a gate access deviceafter interacting with a portable consumer device associated with auser, determining if the user is authorized to enter a locationaccessible via the gate access device, and then sending an authorizationresponse message to the gate access device.

These and other embodiments of the invention are described in furtherdetail below.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 shows a schematic diagram of a transit-payment system accordingto an embodiment of the invention.

FIG. 2 shows a block diagram illustrating components in one type ofportable consumer device.

FIG. 3 shows a schematic diagram of a payment card.

FIG. 4 shows a block diagram of components that can be in a gate accessdevice.

FIG. 5 shows a block diagram of components that can be in a computer.

FIG. 6 shows a flowchart illustrating some embodiments of the invention.

FIG. 7 shows another system according to another embodiment of theinvention.

FIG. 8 shows another flowchart illustrating other embodiments of theinvention.

DETAILED DESCRIPTION

In embodiments of the invention, a payment application (e.g., acontactless payment application) may be used as designed in an on-linefashion in the transit fare environment as long as the communicationspeed is fast enough and processing nodes are eliminated. As technologyimproves over time, some agency fare collection environments with fastTCP/IP, Ethernet, or other wide-band connectivity could allow on-linetransactions, if the architecture of the merchant system (transit faresystem) had minimal nodes and direct connectivity to a paymentprocessing network such as VisaNet through an interface such as VisaDirect Exchange (DEX). (DEX is an authorization interface for highvolume retail transactions.) Embodiments of the invention can conducton-line transit payment transactions within 1 second, 500 milliseconds,300 milliseconds, or less.

A traditional off-line process can now be described. The off-linetransaction process includes the following steps. First, a MSD (magneticstripe data) card is read by a contactless reader. Card validation iscompleted using track data and a check of Mod 10 and an expiration date(step 1). Second, an agency negative list check is completed using thePAN from the track data as the identifier (step 2). Third, thetransaction is complete at the fare device (step 3). Fourth, the patronor user is allowed to enter the transit system or board the bus (step4). (This can be done within 300 milliseconds; however, note that thecost of the fare is not known at this point in time.) Fifth, sometimelater, based on the network and communication infrastructure, thetransaction details are forwarded to a transit computer for additionalprocessing (step 5). This is a post process in that the patron hasalready been allowed to enter the transit system. Sixth, the transitcomputer calculates a fare value based on card history and agency farepolicy. This may take hours or days to complete (step 6). Seventh, thetransit computer processes the fare value through a payment networkbased on the payment card PAN (step 7). This is accomplished hours orpossibly days after the actual transaction depending upon the transitsystem processing capability. The issuer then authorizes or declines thetransaction, returning this information back to the transit computer. Ifthe payment transaction is declined by the issuer, the transit centralhost computer may put the card PAN on the negative list and download theupdated list to each transit device (refer to step number 2).

In the off-line model description above, there are a number of “nodes”(e.g., the transit fare data network and/or the transit centralcomputer). Even under the best of circumstances, the transaction processwill take many seconds, which is too long to make a patron wait at afare gate. Off-line processing allows the patron to proceed right away,and after-the-fact validates the account integrity and balance when thetransaction is finally sent to the issuer.

Embodiments of the invention relate to the use of on-line methods. Thismethod minimizes the nodes involved in the transaction at the fare gate.Under such conditions, the fare gate (or other type of gate accessdevice) can process a transaction directly into a payment processingnetwork hub (such as a Visa Direct Exchange (DEX) hub). Thisconfiguration is desirable, but the system architecture may have othernodes for purposes of transaction accounting or database storage. Anyadditional nodes would quickly forward a transaction authorizationrequest to the payment processing network hub (e.g., Visa DEX) andexpect an immediate authorization or decline from the issuer (e.g.,through the Visa DEX).

The steps involved in an on-line transaction embodiment of the inventioncan include the following steps. First, an MSD card is read by thecontactless reader. Second, transaction data is forwarded through theagency fare system network directly into a hub in a payment processingnetwork such as Visa DEX. The transaction data would include apre-authorization transaction value based on a maximum fare, or otherpre-set or predetermined amount (note that the exact fare cost may notbe known for hours or days and settlement typically cannot occur untilthe fare cost is known). The payment processing network then forwardsthe transaction to the issuer for authorization. Note that stand inprocessing may be performed by the payment processing network underappropriate circumstances like time-out or issuer unavailability. Anauthorization or decline is returned through the hub to the fareprocessing device. The patron is allowed or denied entry to the transitsystem based on authorization or decline from the payment processingnetwork. Up until this point, the total transaction time may be 300 msor less.

Sometime later, the transaction details are forwarded to a transitcomputer for additional processing. This is a post process in that thepatron has already been allowed to enter the transit system. Additionaltransaction data from other transactions by the card (card use history)may be utilized in this post process. It may take hours or days tocollect all information necessary to calculate the fare of eachtransaction. The transit fare processing system then calculates the farevalue based on the card's history and agency fare policy. The transitfare processing system then sends a settlement amount for thetransaction through its acquirer. Settlement may be for a value lessthan the full fare, or may be zero based on a fare policy like freetransfers. This is accomplished in a delayed post process, possibly daysafter the actual transaction depending upon the transit systemprocessing capability.

The advantages to the above-solution are many. All of the negativeaspects of off-line solutions are solved as discussed below.

Authentication: The off-line MSD application does not have provisionsfor card/reader authentication. The proposed MSD application is anon-line application with provisions to allow the payment processingnetwork and the issuer to authenticate the card using cryptograms suchas dynamic or static verification values (dCVV or CVV). The cryptogramgenerated by the card or stored on the card (or other portable consumerdevice) can be authenticated during the authorization process when anapproval/decline is returned to the fare device. This provides theability for card authentication and reduces the possibility ofcounterfeit fraud.

Fraud and Negative List: In off-line solutions, the negative list is theonly mechanism that can be employed to reduce fraud. The negative listis not necessary in the on-line model (but could be used). Since thepayment processing network and the issuer are allowed to approve ordecline the transaction, the normal fraud rules and processes are used.The payment processing network and the issuer provide many layers offraud detection, such as “advanced authorization”, cryptogramvalidation, lost/stolen protection, exception listing, account balancechecking, and fraud scoring, to name only a few. The merchant (transitagency) does not need to also bear the burden of keeping track of badcards or accounts (i.e. negative list) in order to stop them from beingaccepted in the transit system. The payment processing network and theissuer will provide this function with the results returned to the faregate or device in the authorization message.

Data Storage/Security: In off-line processing, the merchant system keepscardholder data at various points in the transaction flow. For example,the negative list would necessarily be made of cardholder accountnumbers, and would be held at the gate or farebox. PCI/DSS rules requireencryption and other protection mechanisms, which impose a strictrequirement on gate and other fare processing devices. However, in theon-line model, the transaction can still use the card track data(cardholder data), but the data can be deleted once the transaction isauthorized or declined (300 ms) and the results are sent to the transithost (immediately following authorization). The transit host computerwhere the transaction data is kept will still need to be PCI/DSScompliant, but the typical environment where this computer is locatedmakes it easier to meet PCI/DSS compliance standards.

Transaction Speed: The off-line model will not allow a 300 mstransaction time to take place while at the same time achieving theauthorization from the issuer. The 300 ms transaction can only beachieved by allowing the patron to proceed with only a negative listcheck. The opportunity for fraud is large. The on-line model asdescribed herein can meet the 300 ms transaction time and also providefor all fraud deterrent tools to participate in the authorizationdecision.

Negative Balance: Account balance is an unknown in the off-line model.The card does not carry a balance for the gate to review. The only placethis balance is kept is at the issuer/processor. In the off-line model,the account is assumed to be good and assumed to have sufficient value.The patron is allowed to proceed with the immediate transaction, even ifthe patron's account balance is zero or negative. The only mechanism tostop this abuse is through the use of the negative list. With theon-line solution, the account balance is one parameter that is evaluatedby the issuer when making a decision to authorize or decline thetransaction. If the card is zero or negative, it will be denied accessto the system.

A more detailed discussion of the above embodiments is provided below,with reference to the Figures.

FIG. 1 shows a portable consumer device 32, a transit location 14comprising a plurality of gate access devices including a first gateaccess device 14(a) and a second gate access device 14(b), a transitcomputer 16, an acquirer 17, a payment processing network 18 including aserver computer 18(a) and a database 18(b), and an issuer 20 including aprimary computer 20(a) and an associated database 20(b). Theabove-described components can be in operative communication with eachother, and/or may be operatively coupled to each other in any suitablemanner. The acquirer 17 and issuer 20 can communicate through thepayment processing network 18.

The user of the portable consumer device 32 may also be a consumer ofgoods and/or services, and/or may be a patron of various transitsystems.

Embodiments of the invention may include any suitable portable consumerdevice. For example, the portable consumer devices can be hand-held andcompact so that they can fit into a consumer's wallet and/or pocket(e.g., pocket-sized). Examples of portable consumer devices may includecellular phones, personal digital assistants (PDAs), pagers, paymentcards, payroll cards, security cards, access cards, smart media,transponders, and the like. The portable consumer devices may interfacewith point of service (POS) terminals using any suitable mechanismincluding any suitable electrical, magnetic, or optical interfacingsystem. For example, a contactless system such as an RF (radiofrequency) device recognition system or contact system such as amagnetic stripe may be used to interface with a POS terminal containinga contactless reader or a magnetic stripe reader, respectively. Suitablecards may include prepaid cards, stored value cards, gift cards, payrollcards, etc.

The portable consumer device 32 may include a volatile or non-volatilememory to store information such as the cardholder's primary account(PAN) number, name, and other information. In some embodiments, theportable consumer device 32 may have multiple functions. For example,the portable consumer device 32 can be used in a retail environment insome embodiments, and could also be additionally or alternatively usedin a transit environment.

As shown in FIG. 1, the system may include an acquirer 17 and an issuer20. The acquirer 17 may be a bank that is associated with the transitagency associated with the transit location 14.

As used herein, an “acquirer” is typically a business entity, e.g., acommercial bank that has a business relationship with a particularmerchant or an Automated Teller Machine (ATM). An “issuer” is typicallya business entity (e.g., a bank) which issues a portable consumer devicesuch as a credit or debit card to a consumer. Some entities can performboth issuer and acquirer functions. Embodiments of the inventionencompass such single entity issuer-acquirers.

The transit location 14 can be any suitable location that is associatedwith transit. For example, the transit location can be a bus stop, asubway station, a train station, an airport, etc. In addition, although“transit” is discussed in detail herein, embodiments of the inventioncan be used in any suitable situation where access to a particularlocation is desired, but is conditional upon authorization (e.g.,building access or venue access).

Each of the computers 16, 18(a), 20(a) shown in FIG. 1 (and also in FIG.7) can be a powerful computer or cluster of computers. For example, theserver computer 18(a) can be a large mainframe, a minicomputer cluster,or a group of servers functioning as a unit. In one example, the servercomputer may be a database server coupled to a web server. The servercomputer 18(a) may also comprise a processor, and a computer readablemedium.

The payment processing network 18 may comprise or use a paymentprocessing network such as VisaNet™. The payment processing network 18and any communication network that communicates with the paymentprocessing network 18 may use any other suitable wired or wirelessnetwork, including the Internet. The payment processing network 18 maybe adapted to process ordinary debit or credit card transactions.

The issuer 20 may also have a primary computer 20(a) and a database20(b) associated with the primary computer 20(a). If the above describedfirst gate access device 14(a) comprises a first processor and a firstcomputer readable medium associated with the first processor, then theprimary computer may comprise a second processor and a second computerreadable medium. The second computer readable medium comprises code orinstructions for receiving the authorization request message, generatingthe authorization response message, and then sending the authorizationresponse message to the first gate access device 14(a).

The transit computer 16 may comprise a third processor and a thirdcomputer readable medium. The computer readable medium may compriseinstructions or code for determining a transit fare after the userenters the location, and then sending data relating to the transit fareto the acquirer 17, which may be associated with the transit agency.

For simplicity of illustration, a specific number of components is shownin FIG. 1. However, it is understood that in other embodiments of theinvention, there can be many more components or fewer components.

An exemplary portable consumer device 32′ in the form of a phone maycomprise a computer readable medium and a body as shown in FIG. 2. (FIG.2 shows a number of components, and the portable consumer devicesaccording to embodiments of the invention may comprise any suitablecombination or subset of such components.) A computer readable medium32(b) may be present within a body 32(h), or may be detachable from it.The body 32(h) may be in the form of a plastic substrate, housing, orother structure. The computer readable medium 32(b) may be a memory thatstores data and may be in any suitable form including a magnetic stripe,a memory chip, etc. The memory preferably stores information such asfinancial information, transit information (e.g., as in a subway ortrain pass), access information (e.g., as in access badges), etc.Financial information may include information such as bank accountinformation, bank identification number (BIN), credit or debit cardnumber information, account balance information, expiration date,consumer information such as name, date of birth, etc. Any of thisinformation may be transmitted by the portable consumer device 32′.

In some embodiments, and regardless of the type of portable consumerdevice that is used, information in the memory may also be in the formof data tracks that are traditionally associated with credits cards.Such tracks include Track 1 and Track 2. Track 1 (“International AirTransport Association”) stores more information than Track 2, andcontains the cardholder's name as well as account number and otherdiscretionary data. This track is sometimes used by the airlines whensecuring reservations with a credit card. Track 2 (“American BankingAssociation”) is currently most commonly used. This is the track that isread by ATMs and credit card checkers. The ABA (American BankingAssociation) designed the specifications of this track and all worldbanks must abide by it. It contains the cardholder's account, encryptedPIN, plus other discretionary data.

The portable consumer device 32′ may further include a contactlesselement 32(g), which is typically implemented in the form of asemiconductor chip (or other data storage element) with an associatedwireless transfer (e.g., data transmission) element, such as an antenna.Contactless element 32(g) is associated with (e.g., embedded within)portable consumer device 32′ and data or control instructionstransmitted via a cellular network may be applied to contactless element32(g) by means of a contactless element interface (not shown). Thecontactless element interface functions to permit the exchange of dataand/or control instructions between the mobile device circuitry (andhence the cellular network) and the optional contactless element 32(g).

Contactless element 32(g) is capable of transferring and receiving datausing a near field communications (“NFC”) capability (or near fieldcommunications medium) typically in accordance with a standardizedprotocol or data transfer mechanism (e.g., ISO 14443/NFC). Near fieldcommunications capability is a short-range communications capability,such as RFID, Bluetooth™, infra-red, or other data transfer capabilitythat can be used to exchange data between the portable consumer device32′ and an interrogation device. Thus, the portable consumer device 32′is capable of communicating and transferring data and/or controlinstructions via both cellular network and near field communicationscapability.

The portable consumer device 32′ may also include a processor 32(c)(e.g., a microprocessor) for processing the functions of the portableconsumer device 32′ and a display 32(d) to allow a consumer to see phonenumbers and other information and messages. The portable consumer device32′ may further include input elements 32(e) to allow a consumer toinput information into the device, a speaker 32(f) to allow the consumerto hear voice communication, music, etc., and a microphone 32(i) toallow the consumer to transmit his/her voice through the portableconsumer device 32′. The portable consumer device 32′ may also includean antenna 32(a) for wireless data transfer (e.g., data transmission).

If the portable consumer device is in the form of a debit, credit, orsmartcard, the portable consumer device may also optionally havefeatures such as magnetic stripes. Such devices can operate in either acontact or contactless mode.

An example of a portable consumer device 32″ in the form of a card isshown in FIG. 3. FIG. 3 shows a plastic substrate 32(m). A contactlesselement 32(o) for interfacing with an access device 34 may be present onor embedded within the plastic substrate 32(m). Consumer information32(p) such as an account number, expiration date, and consumer name maybe printed or embossed on the card. Further, a magnetic stripe 32(n) mayalso be on the plastic substrate 32(m). The portable consumer device 32″may also comprise a microprocessor and/or memory chips with user datastored in them.

As shown in FIG. 3, the portable consumer device 32″ may include both amagnetic stripe 32(n) and a contactless element 32(o). In otherembodiments, both the magnetic stripe 32(n) and the contactless element32(o) may be in the portable consumer device 32″. In other embodiments,either the magnetic stripe 32(n) or the contactless element 32(o) may bepresent in the portable consumer device 32″.

FIG. 4 shows a block diagram showing basic components that may reside inan exemplary gate access device 14. An exemplary gate access device 14may comprise a processor 14(a)-1. It may also comprise a computerreadable medium 14(a)-2, a portable consumer device reader 14(a)-3, agate device 14(a)-4 such as a turnstile, a barrier, a gate etc., anoutput device 14(a)-5, and a network interface 14(a)-6, all operativelycoupled to the processor 14(a)-1. A housing may house one or more ofthese components. Exemplary portable consumer device readers can includeRF (radio frequency) antennas, magnetic stripe readers, etc. thatinteract with the portable consumer device 32. Suitable output devicesmay include displays and audio output devices. Exemplary computerreadable media may include one or more memory chips, disk drives, etc.In some embodiments, an output device could also be caused to operate byan appropriate gate device, if the gate device actuates to cause theoutput device to provide a message indicating that the user isauthorized to proceed.

The computer readable medium 14(a)-2 may store code or instructions forallowing gate access device 14 to operate in the manner describedherein. The instructions may be executed by the processor 14(a)-1. Thecomputer readable medium may comprise code or instructions for receivinga request for access to a location at a gate access device from a user,and generating an authorization request message, where the authorizationrequest message includes a request to charge a predetermined amount ofmoney to pay for access to the location, sending the authorizationrequest message to an issuer for approval, and receiving anauthorization response message, wherein the authorization responsemessage indicates whether or not the charge is authorized or notauthorized, and if the authorization response message indicates that thecharge is authorized, then allowing the user to access the location.

The network interface 14(a)-6 may allow the gate access device 14 tosend and receive messages from the transit computer 16, acquirer 17,payment processing network 18, and/or issuer 20.

FIG. 5 shows a block diagram of a computer. Any of the computers 15, 16,18(a), 20(a) in FIGS. 1 and 7 may utilize any suitable number ofsubsystems. Examples of such subsystems or components are shown in FIG.5. The subsystems shown in FIG. 5 are interconnected via a system bus775. Additional subsystems such as a printer 774, keyboard 778, fixeddisk 779, monitor 776, which is coupled to display adapter 782, andothers are shown. Peripherals and input/output (I/O) devices, whichcouple to I/O controller 771, can be connected to the computer system byany number of means known in the art, such as serial port 777. Forexample, serial port 777 or external interface 781 can be used toconnect the computer apparatus to a wide area network such as theInternet, a mouse input device, or a scanner. The interconnection viasystem bus allows the central processor 773 to communicate with eachsubsystem and to control the execution of instructions from systemmemory 772 or the fixed disk 779, as well as the exchange of informationbetween subsystems. The system memory 772 and/or the fixed disk 779 mayembody a computer readable medium.

FIG. 6 shows a flowchart illustrating methods according to embodimentsof the invention. It is understood that methods according to embodimentsof the invention may include some, all or any suitable combination ofsteps shown in FIG. 6. Methods according to embodiments of the inventioncan be described with reference to FIGS. 1 and 6.

First, a user of a transit system interacts with a gate access device14(a) using a portable consumer device 32 (step 102) and a request toaccess the transit location 14 is received. In an embodiment of theinvention, user data stored in a computer readable medium in theportable consumer device 32 may be transferred from the portableconsumer device 32 to the gate access device 14(a) via a portableconsumer device reader (e.g., element 14(a)-3 in FIG. 4). An exemplaryinteraction can take about 150 milliseconds or less in some embodiments.The gate access device 14(a) may be a first gate access device 14(a) ata transit location 14. The transit location 14 may be, for example, asubway station and may have a plurality of gate access devices 14(a),14(b) which prevent users from accessing transit services at the transitlocation 14 until the user is authorized to do so.

Any suitable type of interaction can take place. For example, in oneexample, the portable consumer device 32 may be in the form of a paymentcard including a contactless element including a chip and an antenna.The first gate access device 14(a) may have a corresponding contactlessreader that can read data stored in the chip via the antenna. Otherinteraction modes are described above.

After the portable consumer device 32 interacts with the first gateaccess device 14(a), an authorization request message is generated (step104). In some embodiments, a processor (e.g., processor 14(a)-1) in thefirst gate access device 14(a) can generate the authorization requestmessage, while in other embodiments, an external computer incommunication with the first gate access device 14(a) can generate theauthorization request message.

The authorization request message may contain information (or any subsetof such information) including the track 1 and track 2 type information(e.g., BIN or PAN number, expiration date, etc.) described above. It mayalso comprise a dynamic or static verification value that can be used bythe first gate access device 14(a) or another component (e.g., theissuer primary computer 20(a)) to authenticate the portable consumerdevice 32. In some embodiments, the dynamic or static verification valuemay be a dynamic verification value such as a dynamic transitverification value. A dynamic transit verification value can begenerated by a processor on the portable consumer device 32 using acounter or some other dynamic data element, and can then be transmittedto the first gate access device 14(a), and then to the issuer primarycomputer 20(a) (or alternatively the server computer 18(a)) via thepayment processing network 18. Then, a processor in the issuer primarycomputer 20(a) can independently generate the transit verification valueusing data including a second dynamic data element (which may be storedin the database 20(b)) that changes for each transaction conducted bythe portable consumer device 32. The transit verification value can bespecifically used for transit applications and may not be suitable foruse in retail applications in some embodiments.

The authorization request message may include data relating to a requestto charge a predetermined amount of money to pay for access to alocation. The request to charge may be equal to the maximum fare chargedby the transit agency for a transit service offered by the transitagency. If a charge for the maximum fare is authorized by the issuer 20,then the issuer 20 can place a “hold” on the user's account with theissuer 20 for that amount. For example, the maximum fare associated witha subway system may be $20.00 and a hold is placed on the user's accountfor this amount. Later, during clearing and settlement, the actual costof the user's journey may be charged against the user's account and thehold for any additional amount of money up to the maximum charge may bereleased. For example, the actual cost of the user's journey on thesubway system may be $6.00. The hold of the remaining $14.00 in theuser's account is then released. In such embodiments, the transit agencycan be assured that it will be paid.

Alternatively, the request to charge may be equal to a predicted farecharged by the transit agency for the user based on the user's past useand/or payment history with the transit agency. The gate access device14(a) may obtain data relating to the user's prior use of the system(from the transit computer 16, the payment processing network servercomputer 18(a), and/or the issuer primary computer 20(a)). For example,a processor in the transit computer 16 may determine that 95% of thetime, the user always travels between stations A and B, and the cost ofthe trip from station A to station B is about $5.00. The authorizationrequest message may therefore request approval for a charge of $5.00before the user is allowed to enter the secured area of the transitlocation. In the unlikely event that the user's journey costs more than$5.00, the transit agency will bear the risk that the user will be ableto pay for the difference.

After the authorization request message is generated by the first gateaccess device 14(a) (or other device in communication with the firstgate access device 14(a)), it can be sent to the transit computer 16,which calculates the maximum fare if the maximum fare is not calculatedby the first gate access device 14(a). Specifically, in someembodiments, a processor (e.g., 14(a)-1 in FIG. 4) in the gate accessdevice 14 can generate the authorization request message, and it canpass to a network interface (e.g., 14(a)-6 in FIG. 4) in the gate accessdevice 14. This can take about 40 milliseconds or less in someembodiments.

The authorization request message can then be sent from the transitcomputer 16 to the primary computer 20(a) at the issuer 20 via thepayment processing network 18. A communication channel 88 can be adirect connection between the payment processing network 18 and thefirst gate access device 14(a). The connection is “direct” in the sensethat that authorization request message does not pass through theacquirer 17. In a normal retail transaction conducted using a creditcard or the like, authorization request messages pass through acquirersbefore they pass to a payment processing network such as VisaNet™.

The authorization request message is then received (step 108). In thecurrent example that is being discussed, the authorization requestmessage is received by the primary computer 20(a) at the issuer 20 afterit passes from the payment processing network 18. As noted above, inother embodiments, the authorization request message can be received bythe payment processing network 18. The authorization request message maybe received through an external interface in the primary computer 20(a)or a computer in the payment processing network 18.

After the authorization request message is received, a determination isthen made as to whether or not the transaction is approved (step 110). Aprocessor in the primary computer 20(a) can then determine if thetransaction is authorized or not. The primary computer 20(a) cancommunicate with an associated database 20(b), which may containinformation regarding the status of an account associated with theportable consumer device 32. If the user associated with the account hassufficient credit or funds in the account, then the transaction may beauthorized. If there are insufficient funds or credit in the user'saccount, then the transaction may not be authorized.

After a determination is made as to whether or not the transaction isauthorized, an authorization response message is then sent to the user(step 112). The authorization response message may contain informationindicating whether or not the transaction is authorized or notauthorized.

The authorization response message may be sent to the user in anysuitable manner. For example, the authorization response message may besent from the primary computer 20(a) at the issuer 20 to the gate accessdevice 14(a) directly or via the transit computer 16. This may takeanywhere from 100 (e.g., 40-70) milliseconds or less in someembodiments. Alternatively or additionally, the authorization responsemessage could be sent to a phone operated by the user or even theportable consumer device 32 itself, if the portable consumer device 32has sufficient functionality to receive an authorization responsemessage.

If the authorization response message indicates that the transaction isapproved, then the user is permitted to access the location (step 114).The gate access device 14(a) can have a gate device such as the gatedevice 14(a)-4 that can unlock or actuate (e.g., automatically inresponse to receipt of an authorization response message that indicatesthat the transaction is authorized) allowing the user to enter a securedarea at the transit location 14. Because the user was allowed to pass bythe gate access device 14(a) only after the transaction was approved,the transaction conducted by the user is an “on-line” transaction. Inother words, the gate device of the gate access device 14(a) can beunlocked or actuated automatically only if the authorization responsemessage indicates that the requested charge is authorized, so as toallow the user to access the location only in this case. Other types ofgate devices may include devices which actuate (e.g., as in the case ofan actuated audible signal) in a manner that eventually indicates to theuser that the transaction has been authorized and that the user mayproceed.

After the user has accessed the location, and after the user hascompleted his journey, the actual cost of user access is determined(step 116). The actual cost associated with the user's journey may bedetermined by the transit computer 16, which can keep track of where theuser's journey starts and ends. The start and end points of the user'sjourney can be determined using data from the first gate access device14(a) and another gate access device (not shown) at the end of theuser's journey. The other gate access device may have a similarconfiguration as the first gate access device 14(a).

The transit location 14 may be associated with a first transit systemsuch as a subway system. The user's journey may be solely on the firsttransit system, or may take place using a combination of transitsystems. For example, the user may use the first transit system such asa subway system and a second transit system such as a bus system. Theuser may receive a free transfer on the bus system as a result of theuser's use of the transit system.

After the actual cost of user access is determined, a clearing andsettlement process then occurs (step 116). The transit computer 16 maybe associated with an acquirer 17, and the acquirer 17 may receive faredata for the user from the transit computer 16. The acquirer 17 and theissuer 20 may clear and settle the user's transaction along with variousother transactions. As noted above, in some embodiments, a request tocharge the maximum or predicted fare is requested in the initialauthorization request message. If the actual amount of the user'sjourney is less than this, or more than this, then this is taken intoaccount during the clearing and settlement process between the transitagency's acquirer 17 and the issuer 20.

In the above described embodiments, the “round trip” for sending theauthorization request message and receiving the authorization responsemessage can be about 1 second, 500 milliseconds, 300 milliseconds, 150milliseconds or less in some embodiments, since the number of nodes isreduced (e.g., no acquirer node) as compared to conventional transactionprocessing methods.

FIG. 7 shows another system according to another embodiment of theinvention. In FIGS. 1 and 7, like numerals designate like components andthe descriptions thereof need not be repeated here.

FIG. 7 additionally shows an additional secondary computer 15, which isbetween the first gate access device 14(a) and the server computer 18(a)in the payment processing network 18. The secondary computer 15 may besuitable for processing authorization request messages from the firstgate access device 14(a), wherein the secondary computer is closer tothe gate access device 14(a) than the primary computer 20(a) at theissuer's primary location. The secondary computer 15 can primarilyprocess authorization request messages associated with accesstransactions, whereas the primary computer 20(a) can process both normalretail transactions and also access transactions such as transittransactions. More specifically, a processor in the secondary computer15 can primarily process authorization request messages associated withaccess transactions. The secondary computer 15 may comprise any suitablecombination of components shown in FIG. 5.

The secondary computer 15 may be run or updated by the issuer 20, orsome other entity (e.g., a payment processing organization such asVisa). The secondary computer 15 may store a number of predeterminedrules that will allow it to make a decision on the authorization requestmessage. Because the secondary computer 15 makes the decision and theauthorization request message does not need to be received by theprimary computer 20(a) operated by the issuer, the authorizationdecision can be made more quickly than in a situation where theauthorization request message is sent to the primary computer 20(a).

FIG. 8 shows another flowchart illustrating other methods according toother embodiments of the invention. Additional methods according toembodiments of the invention can be described with reference to FIGS. 5and 8.

First, a user of a transit system interacts with a gate access device14(a) using a portable consumer device 32 (step 202). The gate accessdevice 14(a) may be a first gate access device 14(a) at a transitlocation 14. The transit location 14 may be, for example, a subwaystation and may have a plurality of gate access devices 14(a), 14(b)which prevent a user from accessing transit services at the transitlocation 14 until the user is authorized to do so.

After the portable consumer device 32 interacts with the gate accessdevice 14(a), and a request to enter the transit location 14 is receivedby the gate access device 14(a), an authorization request message isgenerated (step 204). A portable consumer device reader 14(a)-3 andreceive consumer information stored in a computer readable medium in theportable consumer device 32, and this information may pass to theprocessor 14(a)-1. The processor 14(a)-1 may consequently generate anauthorization request message, which may then be transmitted to anissuer via the network interface 14(a)-6. In some embodiments, the firstgate access device 14(a) can generate the authorization request message,while in other embodiments, an external computer in communication withthe first gate access device 14(a) can generate the authorizationrequest message.

The authorization request message may contain information (or any subsetof such information) including the track 1 and track 2 type information(e.g., BIN or PAN number, expiration date, etc.) described above. It mayalso comprise a dynamic or static verification value as described above.

After the authorization request message is generated by the first gateaccess device 14(a) (or other device in communication with the firstgate access device 14(a)), it is sent to the secondary computer 15(steps 206 and 208) instead of to the primary computer 20(a) operated bythe issuer 20 for a decision on the transaction. However, since thesecondary computer 15 is operated and/or updated by the issuer 20, whenthe authorization request message is sent to the secondary computer 15,it is also being “sent to the issuer 20.” In a normal retail transactionconducted using a credit card or the like, authorization requestmessages pass through acquirers before they pass to a payment processingnetwork such as VisaNet™, and eventually to the primary computer 20(a)operated by the issuer 20. Since the authorization request message doesnot need to be sent all the way to the primary computer 20(a) operatedby the issuer 20, the decision as to whether or not the user isauthorized to enter the transit location 14 can be made much morequickly.

After the authorization request message is received by the secondarycomputer 15, it can decide whether or not the transaction is authorized(steps 210 and 212). The secondary computer 15 can use any suitableinformation to decide whether or not the transaction is authorized. Forexample, the secondary computer 15 may store an approved list of BIN orPAN numbers or a disapproved list of BIN or PAN numbers. Either or bothof these lists can be used to determine if the user is authorized toenter the transit location 14. Alternatively or additionally, thesecondary computer 15 may store instructions or code for risk scoringand risk determinations can be made by the secondary computer 15. Forexample, the secondary computer 15 may determine that the user regularlyuses the particular transit system associated with the transit location14 and/or that the user is using a portable consumer device 32 in theform of a “gold” card with a high spending limit. This information maybe sufficient to authorize the transaction, even though the user'sactual account was not checked to determine if there were sufficientfunds or credit in the user's account. The issuer 20 bears the risk thatthere are sufficient funds or credit in the user's account, based oninformation received in the authorization request message and/or storedin the secondary computer 15.

If the transaction is approved, the secondary computer 15 generates anauthorization response message and sends it to the first gate accessdevice 14(a) (step 214). More specifically, a processor within thesecondary computer 15 may generate the authorization response message.The authorization response message is then sent to the first gate accessdevice 14(a)-1 via a network interface 14(a)-6 in the gate access device14(a). The processor 14(a)-1 in the gate access device 14 can then causethe gate device 14(a)-4 in the first gate access device 14(a) to actuateto allow the user to enter the transit location 14.

At a subsequent time, the transit computer 16 is updated withinformation from the first gate access device 14(a) and another gateaccess device (not shown) that is at the exit of the user's journey(step 218). Then, the actual cost of the user's journey is determined bythe transit computer 16 (step 230), and the transaction is subject to aclearing and settlement process (step 232) as described above.

If the transaction is not approved, an authorization response messagedenying the transaction could simply be sent to the first gate accessdevice 14(a). A message indicating that the user should see a transit orstation attendant may be shown by the first gate access device 14(a).

Alternatively, as shown in FIG. 8, if the transaction is not approved(step 212), the authorization request message is forwarded to theprimary computer 20(a) operated by the issuer 20. A processor in theprimary computer 20(a) can then check the user's account in the database20(b) to determine if there are sufficient funds and/or credit in theuser's account. If there are sufficient funds and/or credit, then theuser is permitted to access the transit location 14 (step 224). Then,the actual cost of the user's journey is determined (step 230) and aclearing and settlement process takes place (step 232) as describedabove.

If there are insufficient funds in the user's account, the primarycomputer 20(a) may send an authorization response message declining thetransaction to the first gate access device 14(a) via the paymentprocessing network 18 (step 226). At this point, the user may simply beprevented from passing through the first gate access device 14(a) or maybe asked to see the transit or station attendant at the transit location14.

The embodiments described with respect to FIG. 8 can have an even fasterresponse than the embodiments described with reference to FIG. 6, sincethe authorization request message need not be sent all the way to theissuer's primary computer 20(a).

In some instances, the communication between the various gate accessdevices and the previously described primary and secondary computers maybe too slow, and some alternative action is preferably taken. Forexample, there may be instances where the primary and secondarycomputers are temporarily overloaded with data and their response timemay be slow, and/or there may be some other disruption in communication(e.g., a router is not functioning for the moment). In this case, a gateaccess device could simply let the user into the transit location,before an authorization response message is received by the gate accessdevice. A computer readable medium in the gate access device maycomprise code for a timeout feature such that if a response message isnot received from the issuer within a predetermined time (e.g., 200 ms,400 ms, or 800 ms, 2 seconds, 3 seconds, 4 seconds, or 5 seconds), thenthe gate access device may let the user into the transit location.During the user's journey, the issuer is able to evaluate theauthorization request message and respond to it. A gate access device atan exit transit location at the end of the user's journey could preventthe user from exiting the exit transit location if the user hasinsufficient funds in his account and/or if the issuer determines thatthe portable consumer device being used by the user was somehowfraudulently obtained. The gate access device at the exit transitlocation at the end of the user's journey may allow the user to exit ifthe issuer's evaluation indicates that the user has sufficient fundsand/or credit in his account, or if the issuer determines that it willotherwise bear the risk of conducting the transaction.

The software components or functions described in this application, maybe implemented as software code to be executed by one or more processorsusing any suitable computer language such as, for example, Java, C++ orPerl using, for example, conventional or object-oriented techniques. Thesoftware code may be stored as a series of instructions, or commands ona computer readable medium, such as a random access memory (RAM), a readonly memory (ROM), a magnetic medium such as a hard-drive or a floppydisk, or an optical medium such as a CD-ROM. Any such computer readablemedium may also reside on or within a single computational apparatus,and may be present on or within different computational apparatuseswithin a system or network.

Some embodiments of the present invention can be implemented in the formof control logic in software or hardware or a combination of both. Thecontrol logic may be stored in an information storage medium as aplurality of instructions adapted to direct an information processingdevice to perform a set of steps disclosed in an embodiment of thepresent invention. Based on the disclosure and teachings providedherein, a person of ordinary skill in the art will appreciate other waysand/or methods to implement the present invention.

Any recitation of “a”, “an” or “the” is intended to mean “one or more”unless specifically indicated to the contrary.

The above description is illustrative and is not restrictive. Manyvariations of the invention will become apparent to those skilled in theart upon review of the disclosure. The scope of the invention should,therefore, be determined not with reference to the above description,but instead should be determined with reference to the pending claimsalong with their full scope or equivalents.

All patents, patent applications, publications, and descriptionsmentioned above are herein incorporated by reference in their entiretyfor all purposes. None is admitted to be prior art.

What is claimed is:
 1. A method comprising: receiving an indication ofan interaction from a user at a gate access device that is capable ofpreventing access to a location; in response to receiving theindication, generating, by the gate access device, an authorizationrequest message; transmitting the authorization request message to anissuer computer operated by an issuer for approval by way of a paymentprocessing network in an online authorization process for immediateauthorization or decline, wherein the authorization request message doesnot pass through an acquirer as the authorization request message passesfrom the gate access device to the issuer computer, wherein theauthorization request message includes a request to charge apredetermined amount of money, wherein the location is a transitlocation and the gate access device is a transit gate access device,wherein at least one of the transit location and the gate access deviceis managed by a transit agency, and wherein the transit agency isdifferent than the issuer; receiving, by the gate access device, anauthorization response message indicating that the charge is authorizedby the issuer computer; and granting the user access to the location, bythe gate access device, by actuating the gate access device in responseto receiving the authorization request message from the issuer computerindicating that the charge is authorized, wherein the onlineauthorization process including transmitting the authorization requestmessage to the issuer computer and receiving the authorization responsemessage from the issuer computer takes less than or equal to 300milliseconds to complete, wherein the payment processing networkperforms fraud processing on the authorization request message beforethe authorization request message is received at the issuer computer andafter the authorization request message is sent from the gate accessdevice to the issuer computer.
 2. The method of claim 1 wherein thepredetermined amount of money is equal to a maximum fare charged by thetransit agency for a transit service offered by the transit agency thatcharges fares based on distance traveled.
 3. The method of claim 1wherein the predetermined amount of money is equal to a predicted farecharged by the transit agency for the user, based on the user's pasthistory with the transit agency.
 4. The method of claim 1 wherein theuser interacts with the gate access device using a portable consumerdevice associated with the user.
 5. The method of claim 4 wherein theportable consumer device is in the form of a payment card.
 6. The methodof claim 5 wherein the payment card is a prepaid card.
 7. The method ofclaim 1 wherein the authorization request message comprises a primaryaccount number and a dynamic verification value.
 8. The method of claim1 wherein the payment processing network is configured to performstand-in processing if a time-out occurs due to unavailability of theissuer computer.
 9. The method of claim 1 further comprising: placing ahold on an account of the user, by the issuer computer, for thepredetermined amount of money after receiving the authorization requestmessage; determining, by a transit computer, fare for transit based ondistance traveled by the user; providing, by the transit computer, thefare for the transit based on the distance traveled by the user to theissuer computer; and releasing, by the issuer computer, the hold on theuser's account during clearing and settlement of the user's account forany amount over the fare for transit held.
 10. The method of claim 1wherein the issuer computer is configured to authorize only transittransactions.
 11. The method of claim 1 wherein generating theauthorization request message by the gate access device takes 40milliseconds or less.
 12. The method of claim 1 further comprising:updating, by a transit computer, with information from the gate accessdevice and information from another gate access device that is at anexit of a journey taken by the user; and determining an actual cost ofthe journey taken by the user.
 13. The method of claim 12 wherein thetransit location is a train station.
 14. A system comprising: an issuercomputer comprising a processor, and a computer readable medium coupledto the processor, the computer readable medium comprising codeexecutable by the processor, for implementing a method comprisingreceiving, by the issuer computer, an authorization request messagecomprising a request to charge a predetermined amount of money from agate access device in an online authorization process after a portableconsumer device associated with a user interacts with the gate accessdevice, wherein the authorization request message is received by theissuer computer from the gate access device by way of a paymentprocessing network for immediate authorization or decline and theauthorization request message does not pass through an acquirer as theauthorization request message passes from the gate access device to theissuer computer, determining, by the issuer computer, if the user isauthorized to enter a location accessible via the gate access device,generating, by the issuer computer, an authorization response messageindicating that the charge is approved, and sending, by the issuercomputer, the authorization response message to the gate access device,wherein the online authorization process including receiving theauthorization request message, generating the authorization responsemessage and sending the authorization response message takes less thanor equal to 300 milliseconds to complete from the time the userinteracts with the gate access device, wherein the location is a transitlocation and the gate access device is a transit gate access device, andwherein at least one of the transit location and the gate access deviceis managed by a transit agency; and the payment processing network,wherein the payment processing network is configured to perform fraudprocessing on the authorization request message before the authorizationrequest message is received at the issuer computer and after theauthorization request message is sent from the gate access device to theissuer computer.
 15. The system of claim 14, wherein the predeterminedamount of money is equal to a maximum fare charged by a transit agencyfor a transit service offered by the transit agency that charges faresbased on distance traveled.
 16. A system comprising: a gate accessdevice comprising a processor and a computer readable medium coupled tothe processor, the computer readable medium comprising code executableby the processor, for implementing a method comprising receiving anindication of an interaction from a user at the gate access device thatis capable of preventing access to a location, in response to receivingthe indication, generating, by the gate access device, an authorizationrequest message, transmitting the authorization request message to anissuer computer operated by an issuer for approval by way of a paymentprocessing network in an online authorization process for immediateauthorization or decline, wherein the authorization request message doesnot pass through an acquirer as the authorization request message passesfrom the gate access device to the issuer computer, wherein theauthorization request message includes a request to charge apredetermined amount of money, wherein the location is a transitlocation and the gate access device is a transit gate access device,wherein at least one of the transit location and the gate access deviceis managed by a transit agency, and wherein the transit agency isdifferent than the issuer, receiving, by the gate access device, anauthorization response message indicating that the charge is authorizedfrom the issuer computer, and granting the user access to the location,by the gate access device, by actuating the gate access device inresponse to receiving the authorization request message indicating thatthe charge is authorized, wherein the online authorization processincluding transmitting the authorization request message to the issuercomputer and receiving the authorization response message from theissuer computer takes less than or equal to 300 milliseconds tocomplete; and the payment processing network, wherein the paymentprocessing network is configured to perform fraud processing on theauthorization request message before the authorization request messageis received at the issuer computer and after the authorization requestmessage is sent from the gate access device to the issuer computer. 17.The system of claim 16 wherein the predetermined amount of money isequal to the maximum fare charged by the transit agency for a transitservice offered by the transit agency that charges fares based ondistance traveled.
 18. The system of claim 16 wherein the gate accessdevice comprises a gate device that actuates.